package routes

import (
	"mumu_stock_trad/controller"
	"mumu_stock_trad/middleware"
	"mumu_stock_trad/proxy"
	"net"
	"net/http"

	"github.com/gin-gonic/gin"
	log "github.com/sirupsen/logrus"
	"github.com/spf13/viper"
)

func loadAPI(api *gin.RouterGroup, hub *proxy.Hub) {

	apis := api.Group("/api")
	{
		// 未使用
		apis.GET("/stock/:symbol", controller.GetStockData)

		// 不调用
		apis.GET("/stock-qt/:symbol", controller.GetStockDataQt)

		// 从接口获取所有股票列表
		apis.GET("/stock-list/:page", controller.GetStockDataList)

		// 从接口获取分类列表
		apis.GET("/category", controller.GetCategory)

		// 从接口获取股票列表通过分类信息
		apis.GET("/get-stock-list", controller.GetStockListByCategory)

		// 获取当日的股票数据存入数据库
		apis.GET("/stock-qt-all", controller.GetStockQtAll)

		// 获取数据库股票数据
		apis.POST("/list", controller.GetList)

		// 获取某个股票的每日数据
		apis.POST("/detail", controller.GetDetail)

		// 添加到收藏列表
		apis.POST("/add-favorite", controller.AddFavorite)

		// 删除收藏列表
		apis.POST("/delete-favorite", controller.DeleteFavorite)

		// 从showapi获取股票历史数据
		apis.GET("/stock-sapi", controller.StockSApi)
	}

	// 将 vueEAdmin 路由分为需要和不需要 JWT 验证的两部分

	// 不需要 JWT 认证的接口组
	vueEAdminNoAuth := apis.Group("/vue-element-admin")
	{
		// 登录接口
		vueEAdminNoAuth.POST("/user/login", controller.Login)
	}

	// 需要 JWT 认证的接口组
	vueEAdminAuth := apis.Group("/vue-element-admin")
	{
		// 获取用户信息接口
		vueEAdminAuth.GET("/user/info", middleware.JWTAuth(), controller.GetUserInfo)

		// 登出接口
		vueEAdminAuth.POST("/user/logout", middleware.JWTAuth(), controller.Logout)

		// 查询用户接口
		vueEAdminAuth.GET("/search/user", middleware.JWTAuth(), controller.SearchUser)

		// 交易数据接口
		vueEAdminAuth.GET("/transaction/list", middleware.JWTAuth(), controller.TransactionList)

		// 菜单接口
		vueEAdminAuth.POST("/auth", middleware.JWTAuth(), controller.GetUserRoutes)

		// 后台用户接口
		vueEAdminAuth.POST("/back-user-list", middleware.JWTAuth(), controller.GetBackUserList)

		// 获取股票列表
		vueEAdminAuth.POST("/stock/list", middleware.JWTAuth(), controller.GetStockList)

		// 从接口获取股票分类
		vueEAdminAuth.GET("/update-category", middleware.JWTAuth(), controller.UpdateCategory)

		// 获取股票分类列表展示

		// 从接口获取所有股票
	}
}

var whitelistIP = []string{
	"172.31.0.0/24",
	"127.0.0.1",
}

func ipWhiteList() gin.HandlerFunc {
	if viper.GetString("ctl_ip_whitelist") == "true" {
		return func(c *gin.Context) {
			clientIp := c.ClientIP()
			ip := net.ParseIP(clientIp)

			found := false
			for _, network := range whitelistIP {
				// Firstly check whether this is a CIDR
				_, subnet, _ := net.ParseCIDR(network)
				if subnet != nil && subnet.Contains(ip) {
					found = true
					break
				} else if subnet == nil && clientIp == network {
					// This is not a CIDR, but a simple IP (mostly from external access), now check whether they are identical
					found = true
					break
				}
			}
			if !found {
				log.Error("Source IP: ", clientIp, " forbidden")
				c.AbortWithStatusJSON(http.StatusForbidden, gin.H{
					"status":       http.StatusForbidden,
					"errorCode":    -1,
					"errorMessage": "Permission denied",
					"data":         nil,
				})
				return
			}
		}
	} else {
		return func(c *gin.Context) {}
	}
}
